Huawei and Cisco’s Source Code: Correcting the Record

Last week, I wrote about statements made by Charles Ding, Huawei’s Senior Vice President and Chief Representative in the U.S., Mr. Ding explained the 2003-2004 intellectual property litigation between Cisco and Huawei as follows: “Huawei provided our source code of our products to Cisco for review and the results were that there was not any infringement found and in the end Cisco withdrew the case . . . the source code of the issues was actually from a 3rd party partner that was already available and open on the internet.”

In my blog, I let Huawei and Mr. Ding know that Cisco would waive any confidentiality provisions from that litigation so the world could learn what really happened and suggested they publish the expert’s report from the litigation. Huawei and Mr. Ding have so far ignored my offer. Under the agreement that resolved the litigation, we are entitled to act on our own, so we now do so.

Two things are clear about the Cisco – Huawei dispute:

The litigation was between two private companies, not between governments. It’s not about the US or China and we respect the efforts the Chinese government is making to increase intellectual property protection. Rather, this dispute involved a very simple claim that one company used the other’s trade secrets and copyrighted materials without permission.

Unlike the smartphone patent battles, where parties try to protect and grow their market share by suing each other over broad patents where no direct copying is required, let alone even knowledge that a patent exists, this litigation involved allegations by Cisco of direct, verbatim copying of our source code, to say nothing of our command line interface, our help screens, our copyrighted manuals and other elements of our products.

The agreement that ended that lawsuit allows either party to make a reasonable response to improper or impermissible statements by the other. Mr. Ding’s statements of two weeks ago indeed misstate the facts and therefore merit a direct, factually accurate and proportionate response. Rather than providing Cisco’s interpretation of the facts, we think it better simply to set forth the facts themselves. To that end, the following are verbatim excerpts from the Neutral Expert’s Final Source Code Report, dated June 15, 2004:

From a section entitled Comparison of Cisco STRCMP and Huawei’s [CODE NAME REDACTED]: “It must be concluded that Huawei misappropriated this code.

From a section entitled Functionality: “Because of the many functional choices available to the Huawei developers (including three of their own routines), the fact that they made the same functional choice as Cisco would suggest access to the Cisco code even if the routines had implementation differences.”

From a section entitled Comments and White Space: “The exactness of the comments and spacing not only indicate that Huawei has access to the Cisco code but that the Cisco code was electronically copied and inserted into [Huawei’s] [CODE NAME REDACTED].”

From a section entitled Findings: “The nearly identical STRCMP routines are beyond coincidence. The Huawei [CODE NAME REDACTED]routine was copied from the strcmp routine in Cisco strcmp.c file.”

Finally, the Neutral Expert’s conclusion: “Cisco’s source code has been used in Huawei’s version [CODE VERSION REDACTED] implementation of its Versatile Routing Platform. Two library files from Cisco’s Internetwork Operating System were compromised. Huawei has replaced the library code in VRP version [CODE VERSION REDACTED] but the replacement methodology was flawed and must be redone. A proper procedure will be simple and straightforward.”

None of these source code strings involved Cisco’s proprietary EIGRP routing protocol that Huawei had publicly admitted to using in their products and had said they had removed prior to the Neutral Expert’s review; rather, they are all related to “core’ parts of the routing code.

We urge Huawei to publish the full Neutral Expert’s Final Report in order to clarify what actually happened in the litigation, overcome any confusion and demonstrate their purported transparent business practices and respect for intellectual property rights. In the meantime, we will continue to be diligent in protecting our intellectual property.

We'd love to hear from you! To earn points and badges for participating in the conversation, join Cisco Social Rewards. Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed.

I do not and never will trust huawei or affiliated products routing or swtiching platforms that contain huawei components such as ASICs, CPUs, Memory Modules, ect
The company has too close of a relationship with the PLA for comfort and I would not want to put my self or my customers at risk of espionage or intrusion.
US based companies such as cisco and several others continue to outsource manufacturing of devices to china which is basically handing over our network infrastructure on a silver platter and paying them for it. This is hurting ME the customer and my customers as there is really no alternative since 90 percent of all electronics manufacturing is done in china... I am deeply concerned about this and it will only get worse when tentions escalate or governments do what they do best which is start conflicts. I can see the day when a trade embargo hits and we find out selves with no network products or systems in the US which would effectively cripple our businesses and our country.

Thanks for that clarification. This is exactly the same that I had heard, but I did not have the deatails to make the argument. There is no doubt in my mind that Huawei outright "inserted" portions of Cisco code to use it in their own product. With the importance of Intellectual Property becoming increasingly important, I believe we should challenge any such misappropriations with all possible means.

STRCMP as in the generic string comparison routines that are available in every C library since the beginning of time? What an incredibly odd and completely irrelevant thing to steal, and to complain about being stolen.

Some of the individuals posting to this site, including the moderators, work for Cisco Systems. Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of Cisco. The content is provided for informational purposes only and is not meant to be an endorsement or representation by Cisco or any other party. This site is available to the public. No information you consider confidential should be posted to this site. By posting you agree to be solely responsible for the content of all information you contribute, link to, or otherwise upload to the Website and release Cisco from any liability related to your use of the Website. You also grant to Cisco a worldwide, perpetual, irrevocable, royalty-free and fully-paid, transferable (including rights to sublicense) right to exercise all copyright, publicity, and moral rights with respect to any original content you provide. The comments are moderated. Comments will appear as soon as they are approved by the moderator.